Remote Code Execution Vulnerability in JetBrains YouTrack by High Privileged Users
CVE-2026-33392

7.2HIGH

Key Information:

Vendor: Jetbrains
Status: Youtrack
Vendor: CVE Published:; 17 April 2026

What is CVE-2026-33392?

A remote code execution vulnerability exists in JetBrains YouTrack versions prior to 2025.3.131383, where a user with elevated privileges can bypass the application's sandbox restrictions. This flaw can potentially allow the execution of malicious code, leading to unauthorized access and manipulation of the system. It is crucial for users of affected versions to update their installations promptly to mitigate the risks associated with this vulnerability.

Affected Version(s)

YouTrack 0 < 2025.3.131383

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 17, 2026
Vulnerability Reserved
Mar 19, 2026

CVE-2026-33392 Data

JSON

Jetbrains

What is CVE-2026-33392?

Affected Version(s)

References

CVSS V3.1

Timeline